/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2008 Sun Microsystems, Inc.
 * Portions Copyright 2010-2016 ForgeRock AS.
 * Portions Copyright 2012 Dariusz Janny <dariusz.janny@gmail.com>
 */
package org.opends.server.extensions;

import org.forgerock.opendj.ldap.ByteString;
import org.opends.server.TestCaseUtils;
import org.forgerock.opendj.server.config.meta.CryptPasswordStorageSchemeCfgDefn;
import org.opends.server.types.Entry;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;

import static org.opends.server.extensions.PasswordStorageSchemeTestCase.*;

/**
 * A set of test cases for the crypt password storage scheme.
 */
@SuppressWarnings("javadoc")
public class CryptPasswordStorageSchemeTestCase
       extends ExtensionsTestCase
{
  /** Names of all the crypt algorithms we want to test. */
  private static final String[] names = { "unix", "md5", "sha256", "sha512" };

  /**
   * Creates a new instance of this crypt password storage scheme test
   * case with the provided information.
   */
  public CryptPasswordStorageSchemeTestCase()
  {
    super();
  }


  /**
   * Ensures that the Directory Server is started before running any of these
   * tests.
   */
  @BeforeClass
  public void startServer() throws Exception
  {
    TestCaseUtils.startServer();
  }



  /**
   * Retrieves a set of passwords that may be used to test the password storage
   * scheme.
   *
   * @return  A set of passwords that may be used to test the password storage
   *          scheme.
   */
  @DataProvider(name = "testPasswords")
  public Object[][] getTestPasswords()
  {
    return getTestPasswordsStatic();
  }


  /**
   * Creates an instance of each password storage scheme, uses it to encode the
   * provided password, and ensures that the encoded value is correct.
   *
   * @param  plaintext  The plain-text version of the password to encode.
   * @throws  Exception  If an unexpected problem occurs.
   */
  @Test(dataProvider = "testPasswords")
  public void testUnixStorageSchemes(ByteString plaintext)
         throws Exception
  {
    for (String name : names)
    {
      testStorageScheme(plaintext, getScheme(name));
    }
  }


  @DataProvider
  public Object[][] passwordsForBinding()
  {
    return PasswordStorageSchemeTestCase.passwordsForBinding();
  }



  /**
   * An end-to-end test that verifies that we can set a pre-encoded password
   * in a user entry, and then bind as that user using the cleartext password.
   */
  @Test(dataProvider = "passwordsForBinding")
  public void testSettingUnixEncodedPassword(ByteString plainPassword)
          throws Exception
  {
    for (String name: names)
    {
      testSettingEncodedPassword(plainPassword, getScheme(name));
    }
  }

  /**
   * Retrieves a set of passwords (plain and variously hashed) that may
   * be used to test the different Unix "crypt" algorithms used by the Crypt
   * Password Storage scheme.
   *
   * The encrypted versions have been generated by the openssl passwd -1
   * command on MacOS X.
   *
   * @return  A set of couple (cleartext, hashed) passwords that
   *          may be used to test the different algorithms used by the Crypt
   *          password storage scheme.
   */
  @DataProvider(name = "testCryptPasswords")
  public Object[][] getTestCryptPasswords()
         throws Exception
  {
    return new Object[][]
    {
      { "secret12", "{CRYPT}$1$X40CcMaA$dd3ndknBLcpkED4/RciyD1" },
      { "#1 Strong Password!", "{CRYPT}$1$7jHbWKyy$gAmpOSdaYVap55MwsQnK5/" },
      { "foo", "{CRYPT}$1$ac/Z7Q3s$5kTVLqMSq9KMqUVyEBfiw0" },
      { "secret12", "{CRYPT}$5$miWe9yahchas7aiy$b/6oTh5QF3bqbdIDWmjtdOxD8df75426zTHwF.MJuyB" },
      { "foo", "{CRYPT}$5$aZoothaeDai0nooG$5LDMuhK6gWtH6/mrrqZbRc5aIRROfrKri4Tvl/D6Z.0"},
      { "#1 Strong Password!", "{CRYPT}$5$aZoothaeDai0nooG$6o0Sbx/RtTA4K/A8uflMsSCid3i7TYktcwWxIp5NFy2"},
      { "secret12",
 "{CRYPT}$6$miWe9yahchas7aiy$RQASn5qZMCu2FDsR69RHk1RoLVi3skFUhS0qGNCo.MymgkYoWAedMji09UzxMFzOj8fW2GnzsXT4RVn9gcNmf0" },
      { "#1 Strong Password!",
 "{CRYPT}$6$p0NJY6r4$VV2JfNtRaTmy8hBtVpdgeIUYQIAUyfdLyhiH6VxzsDIw.28oCsVeMQ5ARiL/PoOambM9dAU3vk4ll8uEB/nnx0"},
      { "foo",
 "{CRYPT}$6$aZoothaeDai0nooG$1K9ePro8ujsqRy/Ag77OVuev8Y8hyN1Jp10S2t9S.1RMtkKn/SbxQbl2MezoL0UJFYjrEzL0zVdO8PcfT3yXS."}
    };
  }

  @Test(dataProvider = "testCryptPasswords")
  public void testAuthCryptPasswords(
          String plaintextPassword,
          String encodedPassword) throws Exception
  {
    testAuthPasswords("TestCrypt", plaintextPassword, encodedPassword);
  }

  /**
   * Retrieves an initialized instance of this password storage scheme.
   *
   * @return  An initialized instance of this password storage scheme.
   *
   * @throws  Exception  If an unexpected problem occurs.
   */
  private CryptPasswordStorageScheme getScheme(String algo)
         throws Exception
  {
    Entry e = TestCaseUtils.makeEntry(
      "dn: cn=CRYPT,cn=Password Storage Schemes,cn=config",
      "objectClass: top",
      "objectClass: ds-cfg-password-storage-scheme",
      "objectClass: ds-cfg-crypt-password-storage-scheme",
      "cn: CRYPT",
      "ds-cfg-java-class: org.opends.server.extensions.CryptPasswordStorageScheme",
      "ds-cfg-enabled: true",
      "ds-cfg-crypt-password-storage-encryption-algrithm: " + algo
    );
    return InitializationUtils.initializePasswordStorageScheme(
        new CryptPasswordStorageScheme(), e, CryptPasswordStorageSchemeCfgDefn.getInstance());
  }
}

